Amendments to the Claims:



This listing of claims will replace all prior 
versions, and listings, of claims in the application: 



Listing of Claims:



1. (Original) A proactive operating environment
that includes a group of proactive servers communicating
over a network; each proactive server (PSi) comprising:

a storage that includes a non erasable part that stores at
least a public, non proactive related, key V^I_start; said storage
further includes an erasable part for storing private and
public data; said proactive server is further associated with
a discardable one-time private key S^I_start that corresponds to
said public key V^I_start; said proactive server is further
associated with configuration data C;

a processor for providing at least proactive
services to applications;

the proactive server is associated with a group
public proactive key V_cert common to said group of proactive
servers and a share S^I_cert of a corresponding private proactive
key S_cert;

the processor is operative to invoke initialization
procedure for generating restore related information;

the processor is further operative to invoke a
restore procedure for utilizing at least said public, non
proactive related, key V^I_start and said restore related
information for restoring at least said public proactive key
V_cert.

2. (Original) The system according to Claim 1, 
wherein said restore procedure is invoked by refresh 
procedure.

3. (Original) The system according to Claim 1,
wherein said non erasable part of the storage being a ROM 
memory module. 

4. (Currently Amended) The system according to 
Claim 1, wherein said applications [[being]] are at least one of
the following: 

Secure logging, Secure end-to-end communication, 
Timestamping, Certificate authority, Key recovery, Voting, 
Trading, Database, Operating system, Access control mechanisms, 
Secure Commerce. 

5. (Original) The system according to Claim 1, 
wherein said restore related information includes restore 
related self information. 

6. (Original) The system according to Claim 1,
wherein said restore related information includes restore 
related others' information. 

7. (Currently Amended) The system [[According]]
according to Claim 5, wherein said restore related self
information includes M_I = S^I_start(V_cert, C).

8. (Currently Amended) The system [[According]]
according to Claim 6, wherein said restore related others'
information includes (S_cert(M), M).

9. (Currently Amended) The system according to
Claim 1, wherein said initialization procedure includes:

(i) input for receiving at least configuration
data C, public non-proactive related key
V^I_start and discardable one time private key
S^I_start;

(ii) the processor generating a set of keys S_I(0),
V_I(0), E_I(0), D_I(0);

(iii) broadcasting said set of keys except D_I(0)
over the network to the rest of the servers
(1..i-1, i+1..n) in the group, so as to
authenticate and encrypt the network channel;

(iv) the processor generating the group public
proactive key V_cert and a share (S^I_cert) of
corresponding private proactive key S_cert;

(v) the processor generating restore related self
information that includes M_I = S^I_start(V_cert,
C);

(vi) discarding the one-time private key S^I_start;

(vii) broadcasting M_I to all servers in the group,
and receiving M_j from all respective SPj
servers in the group; the processor
concatenating said M_1..M_N so as to [[constrct]]
construct M;

(viii) the processor generating a joint signature
(S_cert(M), M) that forms part of said restore
related others' information; and

(ix) broadcasting the joint signature (S_cert(M), M).

10. (Currently Amended) The system according to
Claim 1, wherein said recover procedure includes:

(i) the processor extracting V^I_start;

(ii) the processor extracting M_I from M;

(iii) the processor constructing V_cert by applying
V^I_start to M_I;

(iv) the processor validating M by applying V_cert
to the joint signature part S_cert(M); if the
result matches M then the server becomes
operational; sending M and S_cert(M) to all
the group servers;

(v) if, on the other hand, M is invalid, then
waiting the receipt of another joint
signature and in response repeating said (ii)
to (iv).
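
The initialization and restore steps of Claims 9 and 10, as an added Python example that is not part of the application or of any code by the applicant. Assumptions: Lamport one-time signatures over SHA-256 stand in for both the start key pair and the group key pair, a single signer replaces the shared private key S_cert and its per-server shares, and all function names are hypothetical.

```python
import hashlib, os

PK_LEN = 512 * 32                      # Lamport public key: 512 SHA-256 digests

def H(b): return hashlib.sha256(b).digest()

def keygen():
    """One-time (Lamport) key pair; stands in for S_start/V_start and S_cert/V_cert."""
    sk = [os.urandom(32) for _ in range(512)]
    return sk, b"".join(H(s) for s in sk)

def msg_bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):
    return b"".join(sk[2 * i + b] for i, b in enumerate(msg_bits(msg)))

def verify(pk, msg, sig):
    if len(pk) != PK_LEN or len(sig) != 256 * 32:
        return False
    return all(H(sig[32 * i:32 * i + 32]) == pk[32 * (2 * i + b):32 * (2 * i + b + 1)]
               for i, b in enumerate(msg_bits(msg)))

def encode(records):                   # M as bytes: concatenation of every M_j
    return b"".join(body + sig for body, sig in records)

def initialize(n, config):
    """Claim 9 (iv)-(ix), simplified: one holder of S_cert instead of n shares."""
    s_cert, v_cert = keygen()
    rom, records = [], []
    for _ in range(n):
        s_start, v_start = keygen()
        rom.append(v_start)                          # V_start goes to non-erasable storage
        body = v_cert + config
        records.append((body, sign(s_start, body)))  # M_I = S_start(V_cert, C)
        del s_start                                  # (vi) the one-time key is discarded
    return rom, (records, sign(s_cert, encode(records))), v_cert

def restore(i, v_start, broadcast):
    """Claim 10 (i)-(v): returns (V_cert, C), or None meaning 'wait for another M'."""
    records, joint_sig = broadcast
    body, sig = records[i]                           # (ii) extract M_I from M
    if not verify(v_start, body, sig):               # (iii) apply V_start to M_I
        return None
    v_cert, config = body[:PK_LEN], body[PK_LEN:]
    if not verify(v_cert, encode(records), joint_sig):   # (iv) validate M with V_cert
        return None
    return v_cert, config
```

A server whose erasable storage was overwritten accepts a group key only if its own record verifies under the ROM-resident key, so a substituted V_cert signed with any other start key is rejected at step (iii).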

11. (Currently Amended) [[For use in the]] The system
of Claim 1, wherein an initialize procedure is configured to
generate restore related information.

12. (Currently Amended) [[For use in the]] The system
of Claim 1, wherein a restore procedure is configured to utilize
at least said public, non proactive related, key V^I_start and said
restore related information for restoring at least said public
proactive key V_cert.

13. (Currently Amended) A method for providing a
proactive security in proactive operating environment; the
proactive operating environment includes a group of proactive
servers communicating over a network; each proactive server
(PSi) comprising:

a storage that includes a non erasable part that
stores at least a public, non proactive related, key V^I_start;
said storage further includes an erasable part for storing
private and public data; said proactive server is further
associated with a discardable one-time private key S^I_start that
corresponds to said public key V^I_start; said proactive server is
further associated with configuration data C;

a processor for providing at least proactive
services to applications;

the proactive server is associated with a group
public proactive key V_cert common to said group of proactive
servers and a share S^I_cert of a corresponding private proactive
key S_cert; the method further including:

invoking an initialization procedure for generating
restore related information; and invoking a restore procedure
for utilizing at least said public, non proactive related, key
V^I_start and said restore related information for restoring at
least said public proactive key V_cert.

14. (Original) The method according to Claim 13, 
wherein said restore procedure is invoked by refresh 
procedure.

15. (Currently Amended) The method according to
Claim 13, wherein said non erasable part of the storage [[being]]
is a ROM memory module.

16. (Currently Amended) The method according to
Claim 13, wherein said applications [[being]] are at least one of
the following: 

Secure logging, Secure end-to-end communication, 
Time stamping, Certificate authority, Key recovery, Voting, 
Trading, Database, Operating system, Access control mechanisms, 
Secure Commerce. 

17. (Original) The method according to Claim 13, 
wherein said restore related information includes restore 
related self information. 

18. (Original) The method according to Claim 13, 
wherein said restore related information includes restore 
related others' information. 

19. (Currently Amended) The method [[According]]
according to Claim 17, wherein said restore related self
information includes M_I = S^I_start(V_cert, C).

20. (Currently Amended) The method [[According]]
according to Claim 18, wherein said restore related others'
information includes (S_cert(M), M).

21. (Currently Amended) The method according to
Claim 13, wherein said initialization procedure includes:

(i) receiving at least configuration data C,
public non-proactive related key V^I_start and
discardable one time private key S^I_start;

(ii) generating a set of keys S_I(0), V_I(0), E_I(0),
D_I(0);

(iii) broadcasting said set of keys except D_I(0)
over the network to the rest of the servers
(1..i-1, i+1..n) in the group, so as to
authenticate and encrypt the network channel;

(iv) generating the group public proactive key V_cert
and a share (S^I_cert) of corresponding private
proactive key S_cert;

(v) generating restore related self information
that includes M_I = S^I_start(V_cert, C).

(vi) discarding the one-time private key S^I_start;

(vii) broadcasting M_I to all servers in the group,
and receiving M_j from all respective SPj
servers in the group; the processor
concatenating said M_1..M_N so as to [[constrct]]
construct M;

(viii) generating a joint signature (S_cert(M), M) that
forms part of said restore related others'
information; and

(ix) broadcasting the joint signature (S_cert(M), M).






Appln. No. 09/431,067 

Amdt. dated January 23, 2004 

Reply to Office Action of Sept. 30, 2003 



22. (Original) The method according to Claim 13, 
wherein said recover procedure includes: 

(i) extracting V^I_start;

(ii) extracting M_I from M;

(iii) constructing V_cert by applying V^I_start to M_I;

(iv) validating M by applying V_cert to the joint
signature part S_cert(M); if the result matches
M then the server becomes operational; sending
M and S_cert(M) to all the group servers;

(v) if, on the other hand, M is invalid, then
waiting the receipt of another joint signature
and in response repeating said (ii) to (iv).

23. (Currently Amended) [[For use in the]] The system
of Claim 13, wherein an initialize procedure is configured to
generate restore related information.

24. (Currently Amended) [[For use in the]] The system
of Claim 13, wherein a restore procedure is configured to
utilize at least said public, non proactive related, key V^I_start
and said restore related information for restoring at least said
public proactive key V_cert.

25. (Original) A storage medium storing computer
implemented program for providing a proactive security in
proactive operating environment; the proactive operating
environment includes a group of proactive servers communicating
over a network; each proactive server (PSi) comprising:

a storage that includes a non erasable part that
stores at least a public, non proactive related, key V^I_start;
said storage further includes an erasable part for storing
private and public data; said proactive server is further
associated with a discardable one-time private key S^I_start that
corresponds to said public key V^I_start; said proactive server is
further associated with configuration data C;

a processor for providing at least proactive
services to applications;

the proactive server is associated with a group
public proactive key V_cert common to said group of proactive
servers and a share S^I_cert of a corresponding private proactive
key S_cert; the method further including:

invoking initialization procedure for generating
restore related information; and invoking a restore procedure
for utilizing at least said public, non proactive related, key
V^I_start and said restore related information for restoring at
least said public proactive key V_cert.



